Big data lake built for data security
Aggregates, stores, analyzes, and provides reports for database, file system, and big data platform security and compliance, data and file activity monitoring, data loss prevention (DLP), and other sources. Long-term, highly granular activity, vulnerability, entitlement and audit information may be consolidated in a low-cost, data security data lake, providing improved access to information while helping streamline data collection and data management and reducing costs.
Direct, real-time access to data and risk insights
Provides authorized users (such as auditors, security analysts, and other users) with secure, direct access and self-service reporting capabilities to speed time to insights and to help Guardium administrators become less involved in data management and access issues, and more focused on data security, data protection and compliance progress.
User activity analytics
Applies machine learning to determine normal user behavior at the data-source level, and then persistently evaluates this behavior to identify anomalies and risks. Analyzes behavior of different users on the same data source to detect anomalies, protect sensitive data, and share with SIEM solutions to refine broader user behavior analytics results.
Privileged access and change reconciliation
Improves governance by automatically linking with your privileged access management solution to tighten controls and increase visibility into who is accessing sensitive data.
Noise cancelation and deduplication forensics
Sifts through vast volumes of raw data to present, in a single pre-built report, specific errors, such as failed logins and SQL errors. Distinguishes between errors representing elevated risk and run-of-the-mill errors to reduce information transmitted to downstream systems.
Fully customizable SOC dashboard
Displays data on vulnerability assessment, discovery and classification, enabling easy visualization of error and exception types, and of users and their associated connection.
Automated trusted connection profiling
Enables users to see who is accessing which databases, file systems, and other data sources — and what access methods and tools they are using — leveraging a fully automated approach to involve appropriate reviewers, then leverages the built-in automated event-level workflow capabilities to streamline the process by identifying and saving trusted connections and owners.
Storing data security and compliance information in a dynamic big-data lake with low-cost storage means that data may be cost-effectively enhanced with related data from other business processes and applications (ticketing technologies, human resources or customer relationship management applications, etc) to enrich security and compliance data and enable more context-aware analytics that may reveal new insights.
Consolidates key data perspectives from specific data security sources (such as data discovery, classification, vulnerability assessment and entitlement reporting) to create a well-rounded and unified view of the data security profile for any given database (or other data source).
Flexible, event-level workflow management
Uses automation to efficiently and accurately reconcile data security and compliance-related results. This event-level workflow tool helps different types of end-users focus on the results relevant to them, rather than forcing them to review and manually sort through entire reports. The product can distribute each entry within a report to “virtual queues” for relevant stakeholders and progress events through a customizable workflow. Roles and processes may be customized.
Self-service, interactive data exploration
Allows users to interactively explore data security and compliance risk and operational results and insight through a pre-built analytics and visualization integration. Users are able to rapidly drill down into vast volumes of data and present them via a user-friendly graphical interface.